EP2715983B1 - Device arrangement for implementing remote control of properties - Google Patents

Device arrangement for implementing remote control of properties Download PDF

Info

Publication number
EP2715983B1
EP2715983B1 EP12788813.9A EP12788813A EP2715983B1 EP 2715983 B1 EP2715983 B1 EP 2715983B1 EP 12788813 A EP12788813 A EP 12788813A EP 2715983 B1 EP2715983 B1 EP 2715983B1
Authority
EP
European Patent Office
Prior art keywords
home control
network
control network
key
terminal pair
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
EP12788813.9A
Other languages
German (de)
English (en)
French (fr)
Other versions
EP2715983A2 (en
EP2715983A4 (en
Inventor
Veikko Ylimartimo
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
TOSIBOX Oy
Original Assignee
TOSIBOX Oy
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by TOSIBOX Oy filed Critical TOSIBOX Oy
Priority to PL12788813T priority Critical patent/PL2715983T3/pl
Publication of EP2715983A2 publication Critical patent/EP2715983A2/en
Publication of EP2715983A4 publication Critical patent/EP2715983A4/en
Application granted granted Critical
Publication of EP2715983B1 publication Critical patent/EP2715983B1/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/2803Home automation networks
    • H04L12/2816Controlling appliance services of a home automation network by calling their functionalities
    • H04L12/2818Controlling appliance services of a home automation network by calling their functionalities from a device located outside both the home and the home network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4633Interconnection of networks using encapsulation techniques, e.g. tunneling
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/70Admission control; Resource allocation

Definitions

  • the invention relates to a remote control method of actuators in a property and a remote control system with its components.
  • Remote-controllable devices and systems are increasingly being installed in properties and homes.
  • the purpose of the systems is to secure and/or maintain such conditions in properties, so that living in them is both safe and pleasant.
  • the spectrum of remote-controlled on remote-monitored devices is wide. The same property may have devices from several suppliers. These devices can often not communicate directly with one another. It is also common that each system has its operation logic, the remote controlling of which requires the use of a particular data communications solution.
  • connection often does not work in the way agreed upon when ordering it from the operator, and one must negotiate about repair procedures and wait for the operator to act in the matter.
  • APN private access point name
  • GPRS General Packet Radio Service
  • HSDPA High Speed Downlink Packet Access
  • HSUPA High Speed Uplink Packet Access
  • HSUPA High Speed Uplink Packet Access
  • the properties may be connected to "remote use" occurring only within the intranet formed between the properties. No real remote contact is obtained for such targets, if the remote contact user is physically elsewhere than in one of the properties in question in the intranet.
  • US 2010/0014529 depicts how it is possible in a communication system to connect two arbitrary network communication apparatuses by selecting an appropriate route or identifying an IP address in an environment which includes a network using plural NAT routers.
  • a network communication apparatus of US 2010/0014529 includes a direct search unit which first transmits a direct search request to another arbitrary network communication apparatus.
  • a communication control unit of said network communication apparatus performs communication with the other network communication apparatus based on the direct search information.
  • the network communication apparatus includes also a route information obtaining unit which obtains route information of the network communication apparatus from a server which holds route information of the network communication apparatuses.
  • the route information obtaining unit should request the route information only in a case where information regarding the other network communication apparatus is not obtained in response to the transmission of the direct search request of the network communication apparatus.
  • JP 2010086175 depicts how it is possible to provide a remote access to a LAN network without a management system for guaranteeing the validity of an encryption key to be used for user authentication and without using any certificate issued by a certification authority.
  • a user inputs his or her password and user identification data to a client computer that is connected to the LAN. After that the client computer generates an encryption key to be used for user authentication and a user identification number.
  • the encryption key and the user identification number are stored in a USB memory that is connected to the client computer.
  • the password and the user identification number are transmitted encrypted to an authentication server of said LAN.
  • an authentication code using the encryption key is generated by said USB memory that is connected to the another remote computer.
  • the generated authentication code is then transmitted to the authentication server of said LAN.
  • the authentication server of said LAN performs user authentication by verifying the received authentication code.
  • the target connection of the property is altered to be as such suitable for remote use.
  • the objects of the invention are attained with a device arrangement, in which a home control network device installed in a fixed manner in a property and a home control network key of a person realising monitoring of the property establish a secure two-way connection over the Internet based on contact information they have received from a home control network server according to the invention.
  • the home control network device in the property to which the devices to be remote-controlled or remote-monitored in the property are connected, are connected to a data network connection device/network terminal in the property, for example a modem.
  • the current IP addresses of the home control network device and the home control network key are maintained in the home control network server related to the invention, which IP addresses are used for establishing a connection between said devices. Due to the additional procedures and the connection establishing methods according to the invention both said devices can be connected to some private, non-public network, and they can still establish among themselves a data transfer connection over the Internet. Advantageously it is enough for establishing the data transfer connection over the Internet between the mobile home control network key and the fixed installed home control network device that said devices at some point in the established connection also obtain a public IP address, even though simultaneously the home control network device and the home control network key only have non-public IP addresses.
  • the home control network server does not participate in the establishing of the actual data transfer connection after it has sent the IP addresses of the devices to be available to the devices.
  • An advantage with the property remote control system according to the invention is that both the devices in the home control network device pair can search their routing from their placement location to the IP address of the device of the property connecting to the Internet and to store the searched route in a separate home control network server on the Internet for the identification and IP address of the device pairs.
  • each home control network device pair forms independently among themselves a predetermined unique device pair or device group, which identify each other in the network. Due to the identification method the home control network key carried with the user or a computer program installed in some data processing device, which computer program implements the functions of a home control network key, establishes a network connection only with its own unique home control network device pair, and the connection cannot be established with any other network device. Thus the home control network key functions as a strong safety key to the "network doors" of the property.
  • the device pair of the remote control system according to the invention can among themselves independently with the aid of the address information of the home control network server establish a direct two-way secure OSI model (Open Systems Interconnection Reference Model) data link layer (Layer 2) level or also network layer (Layer 3) level data transfer connection through the serving local network devices and the Internet (VPN; Virtual Private Network) without having the established connection circulating at all through an external server.
  • OSI model Open Systems Interconnection Reference Model
  • Layer 2 data link layer
  • Layer 3 network layer
  • the data link layer level secured remote transfer connection is a basic requirement for many flexible uses and utilisations of building service control devices.
  • the home control network device pair can be established either in connection with manufacturing or in connection with start-up occurring later.
  • the device pair is advantageously formed by connecting the home control network device and the home control network key together for example via a USB port, whereby either or both of them receive each other's identification code.
  • the programs of the home control network key with their security identifiers and passwords can be stored in an external server, from where they can be retrieved to a new remote control network key or a program installed into a terminal, which program simulates a home control network key, in return for the security identifiers or passwords.
  • the home control network key is characterised in that it may comprise a processor, a memory and a therein stored computer program code, which are, for establishing a virtual private network, configured to:
  • the home control network device in a property is characterised in that its processor, memory and therein stored computer program code are, for establishing a virtual private network, configured to:
  • the computer program product for providing home control network key functions comprising computer program code means adapted to perform the following program code steps when said program is executed on a processor is characterised in that, the computer program comprises, for being adapted to establish a virtual private network:
  • the computer program product for providing home control network device functions comprising computer program code means adapted to perform the hollowing program code steps when said program is executed on a processor, is characterised in that, the computer program comprises, for being adapted to establish a virtual private network:
  • a device pair is manufactured, a home control network device and a home control network key (device), where at least one home control network device and at least one home control network key (device) can establish a data transfer connection only with each other.
  • Said home control network key (device) may either be a separate electronic device manufactured for this purpose or it may also be some data processing device, in which a computer program according to the invention has been installed, which program implements the home control network key functions.
  • the home control network device in the property to be remote-controlled is installed in an existing intranet network or Internet network in the property to be controlled. It establishes one subnetwork, a control intranet network, in the intranet or Internet network, to which control intranet network various actuators to be controlled in the property are connected either with a wired or wireless data transfer connection.
  • an individual home control network key or several home control network keys can function as the device pair of two or more home control network devices in different properties.
  • the identification codes of the home control network device and the home control network key are stored in said devices in connection with their manufacturing, or said devices change their identification codes when they are connected for example to one of their USB ports.
  • the home control network device and home control network key can establish a two-way secure data transfer connection between them.
  • the data transfer connection can advantageously be based on an OSI model data link layer (Layer 2) or network layer (Layer 3).
  • both devices determine routing information of the devices from their location network all the way to a network terminal connected to the Internet, which routing information is needed for the connection establishment.
  • This routing information is stored in a home control network server according to the invention, connected to the Internet.
  • the home control network key wants to establish a data transfer connection via the Internet to its device pair in some property, it retrieves the routing information of the home control network device functioning as its pair from the home control network server. By utilising the obtained routing information the home control network key begins to establish a direct end-to-end data transfer connection.
  • a direct VPN data transfer connection advantageously using the network layer has been established between the home control network key and the home control network device in the property.
  • a home control network device is installed in the internal data transfer network of a property to be remote-controlled between an existing internal data transfer network related to control and management of the property and a network terminal relaying traffic from the property to the Internet. All devices related to property control are connected to the inputs of the home control network device and the output of the home control network device is connected to the input meant for the intranet device of the network terminal relaying Internet traffic.
  • the home control network key according to the invention can be connected to some data transfer device, which is able to establish a data transfer connection to the Internet.
  • Possible data transfer devices are for example a PC, a tablet computer or a smartphone.
  • the connection of the home control network key to the data transfer device can be done for example with the aid of a LAN interface (Local Area Network), a WLAN interface (Wireless LAN), a WAN interface (Wide Area Network), a USB interface (Universal Serial Bus) or an antenna interface.
  • LAN interface Local Area Network
  • WLAN interface Wireless LAN
  • WAN interface Wide Area Network
  • USB interface Universal Serial Bus
  • the computer program implementing the functions of the home control network key is stored on a portable data storage means, for example a USB stick, from which the computer program can be installed into a suitable data processing device.
  • the program installed in the data processing device simulates all the functions of the home control network key.
  • the home control network key When the home control network key is either connected to a data transfer device connected to a local network or the computer program implementing the functions of the home control network key is installed in said data transfer device, the home control network key first determines its own routing through different subnetworks to the home control network server. When the routing is ascertained, the routing information of the home control network key is stored in the home control network server according to the invention.
  • Figures 1 and 2 show two advantageous embodiments 1 A and 1B of the remote control system according to the invention.
  • one home control network key 42 or data processing device 41 c which has by software been converted into a home control network key, is used to establish a data transfer connection to one home control network device 61 in some property.
  • the home control network key 42 or the data processing device 41 c converted into a home control network key according to the invention can however advantageously also function with separate home control network devices in two or more properties.
  • the data transfer network mainly has the same basic network structure.
  • the Internet is shown with reference 2.
  • Some public network or an intranet, reference 3, is also connected to the Internet 2.
  • the network 3 may be a permanent or wireless data transfer network.
  • a first data transfer network 4 the house control remote network of the property, is connected to the network 3, to which house control remote network the client device implementing the remote control, reference 41 a, can be connected.
  • the data processing device 41 c simulating the home control network key is connected to a public network / intranet network 3.
  • the house intranet in the property to be remote-controlled is in Figures 1 and 2 designated with reference 5.
  • a second data transfer network 6, a house control intranet according to the invention, is connected to the house intranet network 5.
  • the actuators 62-65 to be remote-controlled in the property are connected to the house control intranet.
  • the home control network device 61 (HCND), is connected to the house intranet network 10.0.0.0/24, reference 5.
  • the house intranet network 5 is connected to the Internet 2 with network terminal 51.
  • the network terminal 51 can be a router, a modem or a firewall, which can include also a network address translator NAT.
  • the house intranet 5 is behind a firewall FW1 containing a NAT function, reference 51.
  • the public IP address of the firewall FW1 is in the examples of Figure 1 and 2 240.1.1.2.
  • the internal IP address of the firewall FW1 is 10.0.0.1.
  • Two exemplary other data processing devices are also connected to the house intranet network 5, the IP addresses of which in the house intranet network are 10.0.0.3 and 10.0.0.4.
  • the house control intranet network 172.17.0.0/24 (HCl), reference 6, is connected to the house intranet network 5 via the home control network device 61.
  • the IP address of the home control network device 61 in the house control intranet network is 172.17.0.1 and in the house intranet network 10.0.0.2.
  • four exemplary devices/servers 62, 63, 64 and 65 are connected to the house control intranet 6.
  • the devices/servers can be connected to the house control intranet 6 either with a permanent connection or a wireless data transfer connection.
  • Reference 62 shows a lighting control webserver, the IP address of which in the house control intranet network is 172.17.0.5. For a remote user the lighting control webserver 62 is seen as device HCND4.
  • Reference 63 shows a heat control webserver, the IP address of which in the house control intranet network is 172.17.0.4. For a remote user the heat control webserver 63 is seen as device HCND1.
  • Reference 64 shows a surveillance camera webserver, the IP address of which in the house control intranet network is 172.17.0.3.
  • the surveillance camera webserver 62 is seen as device HCND2.
  • Reference 65 shows an air-conditioning webserver, the IP address of which in the house control intranet network is 172.17.0.2. For a remote user the air-conditioning webserver 65 is seen as device HCND3.
  • the home control network key 42 (HCNK) is connected to the house control remote network 172.17.0.0/24, reference 4.
  • the house control remote network 4 is behind the intranet 3 firewall FW2, reference 31.
  • the public IP address of the NAT firewall 31 is in this example 240.2.1.2 and the internal IP address of the NAT firewall is 10.0.1.1.
  • the house control remote network 172.17.0.0/24 (HCRN), reference 4 is connected to the data transfer network 3 via a home control network key 42 according to the invention.
  • the IP address of the home control network key 42 in the intranet network is 10.0.1.2 and in the house control remote network 172.17.0.6.
  • an exemplary data processing device 41 a has been connected to the house control remote network 4, the IP address of which data processing device in the house control remote network 4 is 172.17.0.7.
  • This data processing device 41 a is used, when it is desired to remotely control devices/servers 62, 63, 64 or 65 connected to the house control intranet network 6.
  • the home control network key 42 and home control network device 61 according to the invention need each other's routing information, in order for them to be able to establish between them an end-to-end data transfer connection based on the data link layer or network layer, in the examples of Figures 1 and 2 a VPN data transfer connection 55.
  • the routing information is stored by both the home control network key 42 and the home control network device 61 according to the invention in a home control network server 21 (HCNS) on the Internet.
  • HCNS home control network server 21
  • the NAT firewalls do not completely restrict outgoing UDP communication. They are so-called NAT firewalls in one state and "with memory", which also do not change the source port numbers of UDP connections (User Datagram Protocol) unforeseeably, if they do not have to.
  • the object is to establish in the data link layer an Ethernet level connection between the home control network key 42 and the home control network device 61.
  • both devices 42 and 61 retrieve from the home control network server 21 the routing information stored therein by the counterpart device.
  • the home control network server 21 checks that it is really a question of an allowed home control network key/home control network device pair. With the aid of the retrieved routing information the home control network key 42 and the home control network device 61 establish a direct VPN connection between them.
  • a data processing device 41 a in the house control remote network 4 can make contact with a device 62, 63, 64 or 65 in the house control network 6.
  • the home control network key 42 and the home control network device 61 must determine their network path from their own network at least to the Internet 2. This network path determination can be made for example in the following manners, which the home control network key 42 and home control network device 61 advantageously utilise.
  • DHCP Dynamic Host Configuration Protocol
  • Settings obtainable with the DHCP procedure are at least the IP address of the data processing device, the network mask, the default gateway and the DNS server (Domain Name System), which transforms the domain names into IP addresses.
  • a Traceroute procedure is a tool which uses a TCP/IP protocol, which determines along what route or network path packets transfer to the determined machine.
  • a data transfer device connected to the network ascertains the network path by adding a Time to Live value (TTL) of the packets it sends one at a time, starting from zero.
  • TTL Time to Live value
  • the data processing device sends to a default gateway an IP packet with some target address in the external network using the TTL value "0".
  • the default gateway responds to this with a message of TTL expired. For example the IP address, delay etc. of the default gateway become clear from this message.
  • the data processing device sends to the default gateway an IP packet with some target address in the external network using the TTL value 1. Again the router following the default gateway responds with a message "TTL expired", from which the IP address of this subsequent (second) router is clear. This transmission/response process is continued by increasing the TTL value until the desired goal is reached. In the case of the Internet the final goal is typically reached with a TTL value of 6-15. The final result is that the data processing device knows the network path to the outside world, for example the Internet.
  • An ICMP protocol Internet Control Message Protocol
  • a Record Route flag of an ICMP packet is used in the ICMP procedure, which flag requests operating systems of the devices on the network path to record in the ICMP packet's title the IP address of the transmitting router.
  • the network route determinations are done by the home control network key 42 and the home control network device 61 with at least one of the processes described above. These devices store the discovered network paths on the home control network server 21, which stores them in its memory.
  • the home control network key 42 and the home control network device 61 according to the invention advantageously also have an ability to determine a free cyber space.
  • Said devices are configured to determine for themselves an available cyber space automatically, by utilising the network path information on the home control network server 21.
  • Said devices request the home control network server 21 to give some free part of the cyber space.
  • the home control network server 21 examines the network paths it has received and returns some network block, where not even one address is mentioned in the network path of any device known thereby.
  • the home control network device 61 also advantageously offers DHCP and DNS services in its own subnetworks 4 and 6 for devices connected thereto. Additionally the home control network key 42 and the home control network device 61 function as a default gateway for devices connected to the subnetwork.
  • Figure 2 shows another remote control system 1B according to the invention.
  • the data processing device 41 c utilised by the user is connected to a data transfer network depicted with reference number 3.
  • the embodiment of Figure 2 differs from the embodiment of Figure 1 in that the functions of the home control network key 42 of Figure 1 are substituted with a USB memory 42b, which can be connected to a data processing device 41c utilised by the client.
  • the data processing device 41 c and the USB memory 42b together form the home control network key.
  • the computer program implementing the functions of a home control network key according to the invention is installed from the USB memory 42b to the data processing device 41c.
  • the computer program can advantageously be stored in the data processing device 41 c for example from a USB stick 42b by attaching the USB stick to a USB port in the data processing device 41c.
  • the data processing device 41 c simulates a home control network key according to the invention with a computer program installed therein.
  • the home control network key 42 of Figure 1 is simulated in its entirety or partly in the user's data processing device 41c.
  • the user makes contact with this simulation software with a browser in his data processing device 41 c, or alternatively the simulation software opens a browser window in the data processing device 41c.
  • the simulation is started by launching the simulation program according to the invention in the data processing device 41 c, which simulation program implements all the functions of a physical home control network key 42 by software.
  • the described remote control arrangements may utilise a home control network double key connected to the Internet 2, which assists in the establishing and maintenance of the connection.
  • the home control network double key assists in creating a VPN tunnel by bridging two VPN tunnels coming from different directions into one VPN tunnel.
  • the remote control system functions in the same way as in the remote control systems presented in Figure 1 or Figure 2 .
  • the home control network device 61 The home control network device 61:
  • the home control network device 61 is connected to the 10.0.0.0/24 network (the house intranet 5) for example by attaching a cable to the WAN port of the home control network device 61.
  • the home control network device 61 automatically retrieves its IP settings with the DHCP procedure.
  • a firewall FW1 in the house intranet network 5 advantageously functions as the DHCP server, which firewall gives the home control network device 61 the IP address 10.0.0.2 in a 24 bit network mask (255.255.255.0).
  • the DHCP server also gives the default router address 10.0.0.1 and the DNS server address 10.0.0.1.
  • the home control network device 61 begins the communication by ascertaining with the aid of the DNS server the IP address of the home control network server 21 (HCNS, DNS address etahallinta.fi).
  • the DNS server 10.0.0.1 gives the home control network server's 21 IP address as 240.1.1.1.
  • the home control network device 61 makes contact 240.1.1.1 with the home control network server 21 over the Internet with a TCP or UDP protocol.
  • the home control network device 61 authenticates mutual operational rights with the home control network server 21 with certificates and/or passwords determined in connection with manufacturing.
  • This data transfer connection is advantageously encrypted for example with an SSL/TLS encryption.
  • the home control network server 21 sees from the incoming connection the public IP address of the home control network device 61, which in the example of Figure 1 is 240.1.1.2.
  • the home control network device 61 notifies the home control network server 21 of its own address and network mask (10.0.0.2/24).
  • the home control network server 21 stores this information in its database.
  • the home control network device 61 advantageously also performs a traceroute operation toward the home control network server 21 and reports the discovered network path to the home control network server 21.
  • the home control network server 21 stores the received network path of the home control network device 61 in its database.
  • the home control network device 61 advantageously also performs an ICMP Record Route operation and reports the discovered route to the home control network server 21.
  • the home control network server 21 stores the route received from the home control network device 61 in its database.
  • the home control network device 61 performs an automatic determination of free cyber space by sending an inquiry to the home control network server 21.
  • the home control network server 21 returns to the home control network device 61 in the examples of Figures 1 and 2 the cyber space 172.17.0.0/24.
  • the home control network device 61 takes the cyber space into use for its intranet 6, and as its own IP address the home control network device 61 takes 172.17.0.1.
  • the home control network device 61 notifies the home control network server 21 about the taking into use, which server stores the information in its database.
  • the home control network device 61 is shown as its own separate device, which establishes its own subnetwork for controlling devices in a property. It is obvious to someone skilled in the art that the functions of the home control network device 61 can be integrated as a part of a computerised or house engineering device, which has a sufficient processor and memory capacity and connecting means for connecting various technical means thereto either with a wired data transfer connection or a wireless data transfer connection.
  • the home control network key 42 is a home control network key
  • the home control network key 42 begins the communication by ascertaining with the aid of the DNS server the IP address of the home control network server 21 (HCNS, DNS address hcns.fi).
  • the DNS server 10.0.1.1 gives 240.1.1.1 as the IP address of the home control network server 21.
  • the home control network key 42 contacts the home control network server 21 on address 240.1.1.1 over the Internet primarily with a UDP protocol, secondarily with a TCP protocol.
  • the home control network key 42 authenticates mutual operational rights with the home control network server 21 with predistributed certificates and/or passwords.
  • the data transfer connection is advantageously encrypted for example with an SSL/TLS encryption.
  • the home control network server 21 sees from the incoming connection the public IP address 240.2.1.2 of the home control network key 42.
  • the home control network key 42 additionally notifies the home control network server 21 of its own address and network mask 10.0.1.2/24.
  • the home control network server 21 stores this information in its database.
  • the home control network key 42 performs a traceroute operation and reports the discovered network path to the home control network server 21, which stores the information in its database.
  • the home control network key 42 advantageously also performs an ICMP record route operation and reports the discovered network path to the home control network server 21, which stores the information in its database.
  • the home control network server 21 checks the received route information and if there are overlaps, the home control network server 21 reports them to the home control network key 42, which if necessary performs the automatic determination of free cyber space again.
  • Some device is connected to the remote control system 1A by connecting the device to be connected to an intranet interface of the home control network device 61 either with a permanent connection or wirelessly.
  • a heat control webserver 63 is connected to the house control intranet network 6.
  • the heat control webserver 63 retrieves its IP settings with the DHCP service.
  • the heat control webserver obtains from the home control network device 61 172.17.0.4 as its own address, 172.17.0.1 as the address of the default router, 172.17.0.1 as the address of the DNS server. Additionally it obtains from the DNS server hcws.hcnd.local as its name in the example of Figure 1 .
  • the home control network device 61 stores the DHCP information it gives to the heat control webserver 63 in its local database.
  • the home control network key 42 is predetermined to pair up with the home control network device 61. In this way it is possible to establish a direct data transfer connection between the house control intranet 6 and the Ethernet network 3, to which the home control network key 42 is connected.
  • the home control network key 42 begins the pairing-up process. It notifies the home control network server 21 that it wants to establish a data transfer connection to the home control network device 61 advantageously by using the UDP protocol.
  • the home control network server 21 decides that the requested data transfer connection should be established with the following port numbers:
  • the home control network server 21 reports this information to the home control network key 42 and the home control network device 61.
  • the home control network key 42 sends the UDP packet to the address 240.1.1.2 with source port 10500 to the target port 10501.
  • the sent packet gets through the firewall FW2, which contains a NAT function, because outgoing traffic is not strongly restricted.
  • the FW2 firewall 31 remembers the UDP packet as a connection for the following X seconds with the contact information 10.0.0.2, 240.1.1.2, 10500 and 10501.
  • the UDP packet arrives at the FW1 firewall 51, which does not allow incoming traffic and it drops the packet.
  • the packet does not arrive at the address 10.0.0.2.
  • the home control network device 61 sends a UDP packet to address 240.2.1.2 with source port 10501 to target port 10500.
  • the sent UDP packet gets through the FW1 NAT firewall 51, because outgoing traffic is not restricted.
  • the FW1 firewall 51 remembers the UDP packet as a connection for the following X seconds with the contact information 10.0.0.2, 240.2.1.2, 10501 and 10500.
  • the UDP packet arrives at the FW2 firewall 31.
  • the FW2 firewall 31 remembers that the IP address 10.0.1.2 had established a UDP connection to address 240.1.1.2 with source port 10500 and target port 10501. Because the UDP packet comes from said source address 240.2.1.2, with source port 10501 and to target port 10500, the FW2 firewall 31 interprets the packet as return communication related to the connection established by the device 10.0.1.2.
  • the firewall FW2 thereafter performs an address change operation. It changes the target address of the UDP packet to 10.0.1.2. Thereafter the FW2 firewall 31 routes the UDP packet to address 10.0.1.2.
  • the home control network key 42 receives a message from the home control network device 61. A one-way data transfer connection from the home control network device 61 to the home control network key 42 now exists.
  • the home control network key 42 sends a UDP packet to the address 240.1.1.2 with source port 10500 to target port 10501.
  • the UDP packet arrives at the FW1 firewall 51.
  • the FW1 firewall 51 remembers that the address 10.0.0.2 had established a UDP connection to address 240.2.1.2 with source port 10501 and target port 10500. Because the packet comes from source address 240.2.1.2 with source port 10500 and to target port 10501, the FW2 firewall 51 interprets the received UDP packet as return communication to the connection established by the device 10.0.0.2.
  • the FW1 firewall 51 performs an address change, i.e. changes the target address of the packet to 10.0.0.2. Thereafter the FW1 firewall 51 routes the packet to address 10.0.0.2.
  • a two-way UDP connection exists between the home control network key 42 and the home control network device 61. These devices can communicate with each other bidirectionally.
  • the home control network device 61 and the home control network key 42 advantageously form a data link layer level VPN tunnel between them, using for example the OpenVPN software.
  • the home control network device 61 bridges the created VPN tunnel 55 with the house control remote network 172.17.0.0/24, reference 6, it administrates. In the same way the home control network key 42 bridges the created VPN tunnel 55 with its LAN port, so it is able to provide intranet interfaces in the network 172.17.0.0/24 on the data link layer level. After these operations the house control remote network 4 and the house control intranet 6 form a private VPN network over the Internet 2.
  • a client device 41 a can be connected via the Ethernet to the intranet interface of the home control network key 42, which interface can for example be a LAN interface.
  • the client device 41 a retrieves its IP settings from the home control network device 61 by using the DHCP protocol.
  • the DHCP inquiry sent by the client device 41 a or 41 c goes to the LAN port of the home control network key 42, which port is bridged with the VPN tunnel 55.
  • the home control network key 42 sends the Ethernet packet formed by the client device 41 a or 41 c as such to the VPN tunnel 55.
  • the DHCP packet sent by the client device 41 a or 41 c arrives to the home control network device 61 along the VPN tunnel 55.
  • the home control network device 61 has a DHCP server, which responds in a return message with IP address 172.17.0.7/24, default router 172.17.0.1 and DNS server 172.17.0.1.
  • the return message of the home control network device 61 correspondingly goes along the VPN tunnel 55 to the home control network key 42, which sends the packet onward to its LAN network interface.
  • the client device 41 a or 41 c receives the DHCP return packet and takes into use the settings included in the IP return packet.
  • the IP address of the client device is now 172.17.0.7/24, the default router 172.17.0.1, the DNS server 172.17.0.1.
  • the client device 41 a is now logically a part of the VPN network 172.17.0.0/24 and is able to communicate directly on the Ethernet level with device 172.17.0.4 just as if it was directly physically attached to the 172.17.0.0/24 network (house control intranet 6).
  • the technical limitations of the VPN tunnel 55 and Internet connections, such as connection speed and delays, must however be taken into account when communicating.
  • Devices to be remote-controlled are connected to the LAN interface of the home control network device 61, either permanently or wirelessly.
  • the devices to be connected are an air-conditioning control 65, a heat control 63, a surveillance camera 64 and a lighting control 62.
  • the webservers of the devices to be remote-controlled receive their IP address from a DHCP server advantageously comprised in the home control network device.
  • the home control network device 61 names the IP addresses it gives in a predetermined manner.
  • the IP address 172.17.0.4 is “HCND1”, which is the heat control.
  • IP address 172.17.0.3 is “HCND2”, which is the surveillance camera.
  • the client device 41 user can now communicate directly on the Ethernet level with the devices 62, 63, 64 and 65 to be remote-controlled presented in Figure 1 .
  • the communication does not differ from the manner which would be used, if the client device 41 a was directly physically attached to the house control intranet network 172.17.0.0/24 serving the devices to be remote-controlled.
  • the client device 41 a user When utilising the remote control system 1A according to the invention the client device 41 a user enters for example http://hcnd1 as an address in the browser.
  • the client device's browser makes a DNS inquiry to the home control network device 61 (from address 172.17.0.1) for the name "HCND1".
  • the home control network device 61 returns to the client device 41 a the name with the IP address 172.17.0.4 of HCND1.
  • the user's client device 41 a browser advantageously opens with HTTP the page http://HCND1 from the heat control webserver 172.17.0.4.
  • the user now has a direct management connection to the heat control webserver 63 controlling the heat controls.
  • the client device 41 a user can also perform an address search for the primary name "HCND".
  • the home control network device 61 responds to the inquiry with its own IP address 172.17.0.1 and provides an index page to be seen in the user's client device 41 a browser. On the index page the user sees in a list form all the resources attached to the LAN interface of the home control network device 61. In the example of Figures 1 and 2 the following list is seen in the browser:
  • the client device user On the index page it is possible for the client device user to rename the presented objects, e.g. HCND1 with the name “heat control” and HCND2 with the name “surveillance camera".
  • the home control network device automatically stores the name changes for the IP addresses in question. Now the client device 41 a user can contact for example the heat control by entering only "heat control" in the browser line.
  • the home control network key 42 and home control network device 61 pairs are advantageously determined in connection with manufacturing.
  • the pairing of the home control network key 42b and the home control network device 61 can be determined either in connection with manufacturing or at the final use target. If the pairing determination is done at the final use target, then the home control network key 42b is in the embodiment according to Figure 2 temporarily connected to the home control network device 61.
  • the connecting is advantageously implemented either by means of the devices' USB ports or via a wireless radio network.
  • the home control network key 42b and the home control network device 61 can receive the identification code of its device pair and send its own identification code to its device pair. Thereafter these two devices can establish a data transfer connection only with each other.
  • the transfer of the home control network key computer program to the user's user terminal 41 c is advantageously implemented as follows.
  • the home control network key 42b When the home control network key 42b is momentarily attached by its connection to the data processing device 41 c, then the computer program contained in the home control network key 42b with its individual identification codes is installed in the user's data processing device 41c, reference 42e. In connection with the installation the data processing device 41 c user is asked whether he wants to take into use a protection function of the device and/or program. If it is desired to activate the protection function, then in this case the home control network key installation program requests that the user gives his password either only to the user's data processing device 41 c or to the installed program or if desired to both.
  • the home control network key with its programs, individual identification codes and passwords can if desired also be stored for example on a well-protected internal network server, from where it can when necessary be moved back to a new home control network key (e.g. if the original key device is broken or lost).
  • the program contained in the home control network key 42b with its identification codes can also be stored on several data processing devices 41c, which may thus function in parallel with the first data processing device.
  • the computer program contained in the home control network key 42b may for example also be situated on a server on the Internet, from where it can be retrieved.
  • the physical home control network key 42b itself may comprise only the identification code needed for identifying the device pair.
  • Figure 3 shows as a flow chart the above-described operations after the home control network key 42 or 42b and the home control network device 61 have been paired together.
  • step 300 the home control network device 61 is connected to the house intranet network 5 and the home control network key 42 or the data processing device 41 c simulating the home control network key to the intranet network 3. All devices to be remote-controlled in the property are connected to the home control network device 61 either with a permanent connection or a wireless connection.
  • both the home control network device 61 and the home control network key 42 or 41c determine their network path.
  • both the home control network device 61 and the home control network key 42 stores their determined network paths on the home control network server 21.
  • step 303 the devices 42 or 41c and 61 according to the invention to be utilised in the remote-controlling receive information that their device pair has registered with the home control network server 21 or that the registration is missing. If one of the devices 42/41 c or 61 according to the invention belonging to the device pair has not registered, then the remote control system 1A or 1B moves after a specified delay 312 to the listening step 313 of the home control network server connection.
  • both the home control network key 42/41 c and the home control network device 61 request in step 304 the network path of the counterpart from the home control network server 21.
  • the home control network server 21 checks that it is a question of an allowed device pair, and after the checking it sends the network paths to both devices in step 305. Thereafter the home control network server 21 releases the connection to both devices 42/41 c and 61 and thus it is no longer a part of the VPN tunnel 55 being formed.
  • step 306 the home control network key 42/41 c and the home control network device 61 form a VPN tunnel 55 between them.
  • both the user's client device 41 a or 41 c and the target device 62-65 in the property are connected to the established VPN network.
  • the user's client device 41 a is connected to the VPN network by the home control network key 42.
  • the user's data processing device 41 c itself is one of the end points of the VPN network.
  • the device 62-65 to be remote-controlled in the target is connected to the VPN network by the home control network device 61.
  • step 308 the user's client device 41 a or 41 c and the device 62-65 to be controlled in the property are part of the same VPN network, whereby they may exchange information with each other.
  • step 309 consists of checking whether the data transfer connection between the client device 41 a or 41 c and the target device 62-65 is still active. If the data transfer connection is active, the process returns to step 308 and the data transfer is allowed to continue.
  • step 309 If it is in step 309 found that the VPN connection is no longer active, then a decision is made in step 310 regarding a possible new attempt at establishing a connection. If it is decided to make a new attempt at establishing a connection, then the process returns to step 301.
  • the process advantageously also includes necessary procedures for releasing the VPN connection, so that the connection establishing process according to the invention itself can be renewed successfully. The connection establishing is attempted according to a predetermined number.
  • step 310 If it is in step 310 decided that a new attempt to establish a VPN connection is no longer made, because a predetermined number of connection establishing attempts have been made or it is for some other reason not desired to establish a VPN connection, then the process moves to step 311. In step 311 the used VPN data transfer network is released.
  • a predetermined delay 312 follows in the process utilised in the remote control system 1A or 1B. After the delay 312 the process moves to the listening function 313 of the home control network server. There the current-carrying home control network device 61 sends contact requests via the network to the home control network server 21.
  • the home control network device 61 repeats the process, step 314, until a network connection to the home control network server 21 is established.
  • step 314 a decision is made about moving to a process of establishing a VPN connection, whereby the process returns to step 301.
  • All the above-described process steps are implemented with program commands, which are performed in a suitable special-purpose or general-purpose processor.
  • the program commands are stored on a storage medium utilised by the home control network device 61 and home control network key 42, such as memories, from which the processor can retrieve and implement them.
  • the references to computer-readable medium can for example also contain special components, such as programmable USB Flash memories, logic arrays (FPLA), application-specific integrated circuits (ASIC) and signal processors (DSP).
  • FIG. 4 shows the functional main parts of the home control network device 61 according to the invention.
  • the home control network device 61 has a power source 621. It can be an accumulator or a power source based on mains current. All the electric components of the home control network device get their operating voltage from the power source 621.
  • the home control network device 61 has one or more processors 622.
  • the processor or processor means can comprise an arithmetic logic unit, a group of different registers and control circuits.
  • a data storing arrangement 623 such as a memory unit or memory means, whereon computer-readable information or programs or user information can be stored, has been connected to the processor means.
  • the memory means 623 typically contain memory units, which allow both reading and writing functions (Random Access Memory, RAM), and memory units containing non-volatile memory, from which data can only be read (Read Only Memory, ROM).
  • the identification information of the device, its current network path, the identification information of the home control network key 42 functioning as its pair and all the programs needed for the operation of the home control network device 61 are advantageously stored in the memory means.
  • programs stored in the memory of the home control network device 61 are an operating system (e.g. Linux), TCP/IP programs, a VPN program (e.g. OpenVPN), a DHCP client device/server program (e.g. ISC DHCP), a DNS server program (e.g. dnsmasq), a database program (e.g. SQLite), a remote control program (e.g. OpenSSH), a certificate management/confirmation program (e.g. GPG) and a user interface library (e.g. LuCl).
  • an operating system e.g. Linux
  • TCP/IP programs e.g. OpenVPN
  • a DHCP client device/server program e.g. ISC DHCP
  • DNS server program e.g. dnsmasq
  • database program e.g. SQLite
  • remote control program e.g. OpenSSH
  • GPG certificate management/confirmation program
  • a user interface library e.g. LuC
  • the home control network device 61 also comprises interface elements, which comprise an input/output or input/output means 624, 625, 626 and 627 for receiving or sending information.
  • the information received with the input means is transferred to be processed by the processor means 622 of the home control network device 61.
  • the interface elements of the home control network device transfer information either to the data transfer network or to external data processing devices.
  • the interface elements of the home control network device 61 are advantageously a WAN port 624, one or more LAN ports 625, an antenna port 626 and a USB port 627.
  • the pairing of the home control network device 61 and the home control network key 42 or 41 c can advantageously be done for example via the USB port 627.
  • the functions of the home control network device 61 can be integrated as a part of a computerised or house engineering device, which has a sufficient processor and memory capacity and connecting means for connecting various technical means thereto either with a wired data transfer connection or a wireless data transfer connection.
  • This computerised device in which the functions of the home control network device are integrated, is connected to some data transfer network 5, from which there is access to the public Internet.
  • FIG. 5a shows the functional main parts of the home control network key 42 according to the invention.
  • the home control network device 42 has a power source 421. It can be an accumulator or a power source based on mains current. All the electric components of the home control network device get their operating voltage from the power source 421.
  • the home control network key 42 may comprise one or several processors 422.
  • the processor or processor means can comprise an arithmetic logic unit, a group of different registers and control circuits.
  • a data storing arrangement 423 such as a memory unit or memory means, whereon computer-readable information or programs or user information can be stored, has been connected to the processor means.
  • the memory means 423 typically contain memory units, which allow both reading and writing functions (Random Access Memory, RAM), and memory units containing non-volatile memory, from which data can only be read (Read Only Memory, ROM).
  • the identification information of the device, its current network path, the identification information of the home control network devices functioning as its device pairs and all the programs needed for the operation of the home control network key 42 are advantageously stored in the memory means.
  • programs stored in the memory of the home control network key 42 are an operating system (e.g. Linux), TCP/IP programs, a VPN program (e.g. OpenVPN), a DHCP server/client device program (e.g. ISC DHCP), a DNS server program (e.g. dnsmasq), a database program (e.g. SQLite), a remote control program (e.g. OpenSSH), a certificate management/confirmation program (e.g. GPG) and a user interface library (e.g. LuCl).
  • an operating system e.g. Linux
  • TCP/IP programs e.g. OpenVPN
  • a DHCP server/client device program e.g. ISC DHCP
  • DNS server program e.g. dnsmasq
  • database program e.g. SQLite
  • remote control program e.g. OpenSSH
  • GPG certificate management/confirmation program
  • a user interface library e.g. LuCl
  • the home control network key 42 also comprises interface elements, which comprise an input/output or input/output means 424, 425 and 426 for receiving or sending information.
  • the information received with the input means is transferred to be processed by the processor means 422 of the home control network key 42.
  • the interface elements of the home control network device transfer information either to the data transfer network or to external data processing devices.
  • the interface elements of the home control network device 42 are advantageously a WAN port 424, a LAN port 425, a USB port 426 and an antenna port 427.
  • FIG. 5b shows the functional main parts of a home control network key 42b according to a second embodiment of the invention.
  • the home control network key 41 c may comprise one or several processors 422.
  • the processor or processor means can comprise an arithmetic logic unit, a group of different registers and control circuits.
  • a data storing arrangement 423 such as a memory unit or memory means, whereon computer-readable information or programs or user information can be stored, has been connected to the processor means.
  • the memory means 423 typically contain memory units, which allow both reading and writing functions (Random Access Memory, RAM), and memory units containing non-volatile memory, from which data can only be read (Read Only Memory, ROM).
  • the identification information of the home control network key 42b, its current network path, the identification information of the home control network device 61 functioning as its device pairs and all the programs needed for the operation of the home control network key 41 c are advantageously stored in the memory means.
  • programs stored in the memory of the home control network key 42b are an operating system (e.g. Linux), TCP/IP programs, a VPN program (e.g. OpenVPN), a DHCP client device program (e.g. ISC DHCP), a database program (e.g. SQLite), a certificate management/confirmation program (e.g. GPG) and a user interface library (e.g. LuCl).
  • an operating system e.g. Linux
  • TCP/IP programs e.g. OpenVPN
  • a DHCP client device program e.g. ISC DHCP
  • database program e.g. SQLite
  • certificate management/confirmation program e.g. GPG
  • a user interface library e.g. LuCl
  • the home control network key 42b also comprises interface elements, which comprise an input/output or input/output means 426 for receiving or sending information.
  • the information received with the input means is transferred to be processed by the processor means 422 of the home control network key 42b.
  • the interface elements of the home control network device are advantageously used to transfer information from the memory 423 of the home control network key either to an external data processing device 41 c or to the home control network device 61.
  • information or commands can be received via the interface elements for example from the data processing device, to which the home control network key 42b is connected.
  • a higher access right level key device user/owner e.g. an administrator
  • has control right to all control targets of home control network key users on a lower level such as basic users.
  • An owner of a lower level key device access right level does on the other hand not have access to any other higher access right level control target than his own targets.
  • FIG. 6 shows the functional main parts of the home control network server 21.
  • the home control network server 21 comprises a power source 211. It can be an accumulator or a power source based on mains current. All the electric components of the home control network server 21 get their operating voltage from the power source 211.
  • the home control network server 21 has one or more processors 212.
  • the processor or processor means can comprise an arithmetic logic unit, a group of different registers and control circuits.
  • the memory means 213 typically contain memory units, which allow both reading and writing functions (Random Access Memory, RAM), and memory units containing non-volatile memory, from which data can only be read (Read Only Memory, ROM).
  • RAM Random Access Memory
  • ROM Read Only Memory
  • programs stored in the memory of the home control network server 21 are an operating system (e.g. Linux), TCP/IP programs, a DHCP server/client device program (e.g. ISC DHCP), a DNS server program (e.g. bind), a database program (e.g. SQLite), a certificate management/confirmation program (e.g. GPG) and a user interface library (e.g. LuCl).
  • an operating system e.g. Linux
  • TCP/IP programs e.g. IP
  • a DHCP server/client device program e.g. ISC DHCP
  • DNS server program e.g. bind
  • database program e.g. SQLite
  • certificate management/confirmation program e.g. GPG
  • a user interface library e.g. LuCl
  • the home control network server 21 also comprises interface elements, which comprise an input/output or input/output means 214 and 215 for receiving or sending information.
  • the information received with the input means is transferred to be processed by the processor means 212 of the home control network server 21.
  • the interface elements of the home control network server 21 transfer information either to the data transfer network or to external data processing devices.
  • the interface elements of the home control network server 21 are advantageously a WAN port 214 and one or more LAN ports 215.
  • the home control network server 21 advantageously also comprises a user interface (not shown in Figure 6 ), which comprises means for receiving information from the server 21 user.
  • the user interface can comprise a keyboard, a touch screen, a microphone and a speaker.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Automation & Control Theory (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Small-Scale Networks (AREA)
  • Telephonic Communication Services (AREA)
  • Selective Calling Equipment (AREA)
EP12788813.9A 2011-05-24 2012-05-22 Device arrangement for implementing remote control of properties Active EP2715983B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PL12788813T PL2715983T3 (pl) 2011-05-24 2012-05-22 Układ urządzenia do realizacji zdalnego sterowania nieruchomościami

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FI20115512A FI124341B (fi) 2011-05-24 2011-05-24 Laitejärjestely kiinteistöjen etähallinnan toteuttamiseksi
PCT/FI2012/050484 WO2012160257A2 (en) 2011-05-24 2012-05-22 Device arrangement for implementing remote control of properties

Publications (3)

Publication Number Publication Date
EP2715983A2 EP2715983A2 (en) 2014-04-09
EP2715983A4 EP2715983A4 (en) 2015-04-15
EP2715983B1 true EP2715983B1 (en) 2016-09-28

Family

ID=44071637

Family Applications (1)

Application Number Title Priority Date Filing Date
EP12788813.9A Active EP2715983B1 (en) 2011-05-24 2012-05-22 Device arrangement for implementing remote control of properties

Country Status (15)

Country Link
US (1) US9363194B2 (zh)
EP (1) EP2715983B1 (zh)
JP (1) JP5687388B2 (zh)
KR (1) KR101546740B1 (zh)
CN (1) CN103703725B (zh)
AU (1) AU2012260775B2 (zh)
BR (1) BR112013030140A2 (zh)
CA (1) CA2834147C (zh)
DK (1) DK2715983T3 (zh)
ES (1) ES2609660T3 (zh)
FI (1) FI124341B (zh)
MX (1) MX2013013745A (zh)
PL (1) PL2715983T3 (zh)
RU (1) RU2552140C1 (zh)
WO (1) WO2012160257A2 (zh)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FI125972B (fi) 2012-01-09 2016-05-13 Tosibox Oy Laitejärjestely ja menetelmä kiinteistöjen etähallinnassa käytettävän tiedonsiirtoverkon luomiseksi
US20150281122A1 (en) * 2014-03-31 2015-10-01 Byron L. Hoffman Method and Apparatus for Facilitating Accessing Home Surveillance Data by Remote Devices
CN105450585B (zh) 2014-07-24 2019-10-01 阿里巴巴集团控股有限公司 一种信息传输方法及装置
RU2674309C9 (ru) * 2017-03-10 2019-02-15 Ашот Эрнстович Кочарян Устройство, способ, программа и интерфейс для системы терминалов с управлением посредством сенсорного экрана
CN112312489B (zh) 2019-07-31 2021-12-24 华为技术有限公司 传输数据的方法、通信装置和通信系统
CN114221759B (zh) * 2021-11-29 2024-04-12 成都卫士通信息产业股份有限公司 一种远程监控部署方法、装置、电子设备及存储介质

Family Cites Families (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6886095B1 (en) 1999-05-21 2005-04-26 International Business Machines Corporation Method and apparatus for efficiently initializing secure communications among wireless devices
JP2002354556A (ja) 2001-05-25 2002-12-06 Tomoo Sumi 制御装置への被制御装置の登録方法および制御システム
KR100485769B1 (ko) * 2002-05-14 2005-04-28 삼성전자주식회사 서로 다른 홈네트워크에 존재하는 네트워크장치간의접속을 제공하기 위한 장치 및 방법
JP4056849B2 (ja) * 2002-08-09 2008-03-05 富士通株式会社 仮想閉域網システム
DE10355265A1 (de) * 2003-11-26 2005-06-23 Siemens Ag Verfahren zum Registrieren eines Kommunikationsgeräts, zugehöriges Kommunikationsgerät sowie Registrierungseinheit
US20050120204A1 (en) * 2003-12-01 2005-06-02 Gary Kiwimagi Secure network connection
US7590074B1 (en) * 2004-12-02 2009-09-15 Nortel Networks Limited Method and apparatus for obtaining routing information on demand in a virtual private network
US8713132B2 (en) 2005-03-16 2014-04-29 Icontrol Networks, Inc. Device for data routing in networks
JP2006344017A (ja) * 2005-06-09 2006-12-21 Hitachi Ltd センサネットワークシステム及びセンサネットワークのデータ処理方法
US8000280B2 (en) 2005-10-04 2011-08-16 Panasonic Corporation Network communication apparatus, network communication method, and address management apparatus
JP4679393B2 (ja) * 2006-03-02 2011-04-27 Necインフロンティア株式会社 Sip通信システム、sipゲートウェイ装置及びそれらに用いるsip通信制御方法
US8599788B2 (en) * 2006-03-20 2013-12-03 Samsung Electronics Co., Ltd. Method and system for mobile secure socket layer in virtual private networks
DK1912413T3 (da) * 2006-10-13 2010-05-25 Quipa Holdings Ltd Fremgangsmåde til at etablere et sikkert virtuelt privat netværk som udnytter peer-to-peer-kommunikation
US7391298B1 (en) * 2007-05-09 2008-06-24 Gewa, Llc Wireless system for monitoring and reacting to events at a remote location
US20090319673A1 (en) 2008-04-24 2009-12-24 International Business Machines Corporation Automated Wireless Device Pairing
JP2010086175A (ja) 2008-09-30 2010-04-15 Dainippon Printing Co Ltd リモートアクセス管理システム及び方法
US20100125894A1 (en) * 2008-11-19 2010-05-20 At&T Intellectual Property I, L.P. Systems, methods and computer program products that facilitate remote access of devices in a subscriber network
CN101931561A (zh) 2010-09-07 2010-12-29 建汉科技股份有限公司 远程控制网络设备管理系统及管理端与网络设备操作方法
FI123551B (fi) * 2011-02-22 2013-07-15 Tosibox Oy Menetelmä ja laitejärjestely kiinteistöjen etähallinnan toteuttamiseksi

Also Published As

Publication number Publication date
PL2715983T3 (pl) 2017-07-31
BR112013030140A2 (pt) 2016-09-27
FI20115512A (fi) 2012-11-25
WO2012160257A3 (en) 2013-02-21
KR20140035956A (ko) 2014-03-24
US9363194B2 (en) 2016-06-07
JP5687388B2 (ja) 2015-03-18
CA2834147C (en) 2017-08-29
ES2609660T3 (es) 2017-04-21
FI20115512L (fi) 2012-11-25
RU2552140C1 (ru) 2015-06-10
EP2715983A2 (en) 2014-04-09
KR101546740B1 (ko) 2015-08-27
MX2013013745A (es) 2014-08-27
WO2012160257A2 (en) 2012-11-29
CN103703725B (zh) 2016-05-18
EP2715983A4 (en) 2015-04-15
JP2014522590A (ja) 2014-09-04
FI124341B (fi) 2014-07-15
AU2012260775A1 (en) 2014-01-09
US20140129713A1 (en) 2014-05-08
DK2715983T3 (da) 2017-01-16
CN103703725A (zh) 2014-04-02
CA2834147A1 (en) 2012-11-29
AU2012260775B2 (en) 2015-01-22
FI20115512A0 (fi) 2011-05-24

Similar Documents

Publication Publication Date Title
US8831020B2 (en) Method and device arrangement for implementing remote control of properties
US9900178B2 (en) Device arrangement and method for implementing a data transfer network used in remote control of properties
EP2715983B1 (en) Device arrangement for implementing remote control of properties

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20131217

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

DAX Request for extension of the european patent (deleted)
A4 Supplementary search report drawn up and despatched

Effective date: 20150317

RIC1 Information provided on ipc code assigned before grant

Ipc: H04L 12/46 20060101ALI20150311BHEP

Ipc: H04L 12/28 20060101AFI20150311BHEP

Ipc: H04L 29/06 20060101ALN20150311BHEP

17Q First examination report despatched

Effective date: 20151029

RIC1 Information provided on ipc code assigned before grant

Ipc: H04L 29/06 20060101ALN20160310BHEP

Ipc: H04L 12/28 20060101AFI20160310BHEP

Ipc: H04L 12/46 20060101ALI20160310BHEP

GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

RIC1 Information provided on ipc code assigned before grant

Ipc: H04L 29/06 20060101ALN20160414BHEP

Ipc: H04L 12/28 20060101AFI20160414BHEP

Ipc: H04L 12/46 20060101ALI20160414BHEP

INTG Intention to grant announced

Effective date: 20160426

GRAS Grant fee paid

Free format text: ORIGINAL CODE: EPIDOSNIGR3

GRAA (expected) grant

Free format text: ORIGINAL CODE: 0009210

AK Designated contracting states

Kind code of ref document: B1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

REG Reference to a national code

Ref country code: GB

Ref legal event code: FG4D

REG Reference to a national code

Ref country code: CH

Ref legal event code: EP

REG Reference to a national code

Ref country code: AT

Ref legal event code: REF

Ref document number: 833566

Country of ref document: AT

Kind code of ref document: T

Effective date: 20161015

REG Reference to a national code

Ref country code: IE

Ref legal event code: FG4D

REG Reference to a national code

Ref country code: DE

Ref legal event code: R096

Ref document number: 602012023567

Country of ref document: DE

REG Reference to a national code

Ref country code: SE

Ref legal event code: TRGR

REG Reference to a national code

Ref country code: NL

Ref legal event code: FP

REG Reference to a national code

Ref country code: DK

Ref legal event code: T3

Effective date: 20170109

REG Reference to a national code

Ref country code: LT

Ref legal event code: MG4D

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160928

Ref country code: HR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160928

Ref country code: RS

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160928

Ref country code: FI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160928

REG Reference to a national code

Ref country code: NO

Ref legal event code: T2

Effective date: 20160928

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: GR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20161229

Ref country code: LV

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160928

RAP2 Party data changed (patent owner data changed or rights of a patent transferred)

Owner name: TOSIBOX OY

REG Reference to a national code

Ref country code: ES

Ref legal event code: FG2A

Ref document number: 2609660

Country of ref document: ES

Kind code of ref document: T3

Effective date: 20170421

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: RO

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160928

Ref country code: EE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160928

REG Reference to a national code

Ref country code: FR

Ref legal event code: PLFP

Year of fee payment: 6

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: SK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160928

Ref country code: CZ

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160928

Ref country code: SM

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160928

Ref country code: IS

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20170128

Ref country code: BG

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20161228

Ref country code: PT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20170130

REG Reference to a national code

Ref country code: DE

Ref legal event code: R097

Ref document number: 602012023567

Country of ref document: DE

PLBE No opposition filed within time limit

Free format text: ORIGINAL CODE: 0009261

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LU

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20170531

26N No opposition filed

Effective date: 20170629

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: SI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160928

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: MC

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160928

REG Reference to a national code

Ref country code: IE

Ref legal event code: MM4A

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LU

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20170522

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: IE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20170522

REG Reference to a national code

Ref country code: FR

Ref legal event code: PLFP

Year of fee payment: 7

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: MT

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20170522

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: AL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160928

REG Reference to a national code

Ref country code: AT

Ref legal event code: UEP

Ref document number: 833566

Country of ref document: AT

Kind code of ref document: T

Effective date: 20160928

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: HU

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT; INVALID AB INITIO

Effective date: 20120522

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: NL

Payment date: 20190520

Year of fee payment: 8

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: IE

Payment date: 20190522

Year of fee payment: 8

Ref country code: ES

Payment date: 20190604

Year of fee payment: 8

Ref country code: PL

Payment date: 20190423

Year of fee payment: 8

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: BE

Payment date: 20190520

Year of fee payment: 8

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: CH

Payment date: 20190516

Year of fee payment: 8

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: CY

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20160928

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: MK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160928

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: TR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160928

REG Reference to a national code

Ref country code: NO

Ref legal event code: MMEP

REG Reference to a national code

Ref country code: NL

Ref legal event code: MM

Effective date: 20200601

REG Reference to a national code

Ref country code: AT

Ref legal event code: MM01

Ref document number: 833566

Country of ref document: AT

Kind code of ref document: T

Effective date: 20200522

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LI

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20200531

Ref country code: AT

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20200522

Ref country code: CH

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20200531

Ref country code: NO

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20200531

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: NL

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20200601

REG Reference to a national code

Ref country code: BE

Ref legal event code: MM

Effective date: 20200531

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: FR

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20200531

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: BE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20200531

REG Reference to a national code

Ref country code: ES

Ref legal event code: FD2A

Effective date: 20211004

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: ES

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20200523

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: PL

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20200522

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: IT

Payment date: 20230524

Year of fee payment: 12

Ref country code: DK

Payment date: 20230515

Year of fee payment: 12

Ref country code: DE

Payment date: 20230524

Year of fee payment: 12

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: SE

Payment date: 20230516

Year of fee payment: 12

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: GB

Payment date: 20230523

Year of fee payment: 12